package cn.hp.shiro;

import java.lang.reflect.Array;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.IniSecurityManagerFactory;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Factory;

import cn.hp.realm.UserRealm;

//用户认证（登录）
public class TestApp {

	public static void main(String[] args) {
		String username = "zhangsan";
		String password = "123456";
		
		//1  创建SercurityManager工厂
		Factory<SecurityManager>factory = new IniSecurityManagerFactory("classpath:shiro.ini");
		//2  从工厂中获取SecurityManager
		DefaultSecurityManager securityManager = (DefaultSecurityManager) factory.getInstance();
		//3  创建自定义Realm并注入给SecurityManager
		Realm realm = new UserRealm();
		securityManager.setRealm(realm);
		//4  把当前的SecurityManager绑定到当前线程中
		SecurityUtils.setSecurityManager(securityManager);
		//5  获取subject
		Subject subject = SecurityUtils.getSubject();
		//6  封装用户名和密码
		UsernamePasswordToken token = new UsernamePasswordToken(username,password);
		//7  完成认证
		try {
			subject.login(token);
			System.out.println("是否认证成功:"+subject.isAuthenticated());
			//把当前的用户信息存储到session当中
			//获取SimpleAuthenticationInfo里的第一个参数
			Object principal = subject.getPrincipal();
			System.out.println("---------------------");
			System.out.println(principal);
		} catch (IncorrectCredentialsException e) {
			System.out.println("密码不正确！");
		} catch (UnknownAccountException e) {
			System.out.println("用户名不正确！");
		}
		
		System.out.println("---------------------");
		
		//判断用户是否拥有某个角色
		boolean hasRole = subject.hasRole("role1");
		System.out.println(hasRole);
		//分别判断用户是否拥有集合里面所有的角色
		List<String> roleIdentifiers = new ArrayList<>();
		roleIdentifiers.add("role1");
		roleIdentifiers.add("role5");
		boolean[] hasRoles = subject.hasRoles(roleIdentifiers);
		System.out.println(Arrays.toString(hasRoles));
		//同时判断用户是否拥有集合里面的所有角色
		boolean hasAllRoles = subject.hasAllRoles(roleIdentifiers);
		System.out.println(hasAllRoles);
		
		System.out.println("---------------------");
		
		//判断用户是否拥有某个权限
		boolean permitted1 = subject.isPermitted("user:add");
		System.out.println(permitted1);
		//分别判断用户是否拥有集合里面的所有权限
		String[] permissions= {"user:add","user:delete","user:export"};
		boolean[] permitted2 = subject.isPermitted(permissions);
		System.out.println(Arrays.toString(permitted2));
		//同时判断用户是否拥有集合里面的所有权限
		boolean permittedAll = subject.isPermittedAll(permissions);
		System.out.println(permittedAll);
		
		
		
		
		
		
		
		
		
		
		
		
	}
}
